CompTIA Network+ (N10-007) Cert Prep: 5 Securing TCP/IP

Author

Released

8/24/2018

Earning the CompTIA Network+ certification can help to jump-start your career in IT by validating your understanding of how to configure, manage, and maintain networks. In this installment of the CompTIA Network+ Cert Prep series, instructor Mike Meyers covers key network security exam concepts as he explains how to secure TCP/IP. Mike explores symmetric and asymmetric encryption and goes over how cryptographic hashes work. He also discusses Kerberos, access control lists, single sign-on, and more.

Skill Level Beginner

1h 18m

Duration

13,582

Views

Show MoreShow Less

- We have spent a lot of episodesgoing through a lot of stuff to make our networks,and by doing that,we're making networks, we've got web servers runningand people are transferring files to each otherand domains are being named and life is goodexcept for one big thing.There's no real security here.So, what I wanna do is warn youthat we're about to start this big processof taking everything we've learned and making it secure.Now sure, we've covered a little bit of securityhere and there, but what I want you to doright now and for the next few episodesis I want you to put on your security hatand start thinkin' about how do we lock this down,how do we protect this?How do we keep people from the evils of the internetand how do we keep our nice internetfrom the evils of our people?So, one of the things we do is we have certain philosophieswhen we talk about security and one of themis the famous CIA of security.

CIA stands for confidentiality, integrity and availability.As we begin to take what's basically was inventedas a very insecure thing, TCP/IP,and make it secure we keep chanting,confidentiality, integrity and availability!So let's talk about this for a minute.First of all, when I say confidentiality,I wanna keep stuff confidential.Now, there's a lot of different ways to do that,but one of the big ways that we're gonna to coverin the next few episodesis the concept of encryption.

How do we take unencrypted datathat's flying through the internet and encrypt itso that nobody can see itbut the folks we want to see it?So, we're gonna be covering all kinds of interesting stufflike different kinds of encryptions and all that stuff.It's a lot of funand I think you're gonna enjoy those episodes.But then after that is integrity.Just because something's encrypted,do I know it came from Mike Myers, popular author?If that file was being transferred,did somebody mess it up mid-stream?So, there's a whole lot of stuffthat has to do with integrity.

Integrity means is this goodin the way that it should be good?We use the word non-repudiation a lot here.Basically, it says if somebody is handing me something,I have no doubtthat that's the person who handed it to me.So, we're gonna be going into a lot of integrity tools.You're gonna hear about things like certificates,and hashes and stuff like that that are importantfor us to deal with, the CIA of security.Last is availability.Now, one of the most dangerous things you can dois if you put enough locks on the door,you can make it so hard to unlock the doorthat you're not gonna use the door.

So, a big issue for us for security is to make surethat we balance the confidentiality and integrity toolsin a way that we can use it.Also, security, when we talk about availability is,is this thing ready to use, is it out there?When we need it, is it ready to go?So we're gonna be talking about thingslike high availability and stuff like thatthat say this network device, this server,this whatever it might be, is out there and ready to go.Also availability, we cover something as simple as a backup.If we lose it, do we have a backup availableso we can get our data back?A big chunk that deals with the CIA, and a lot of peopleadd this to the end of CIA, are two things calledauthorization and authentication.

Now, authentication is the concept of giving someonethe right to access something.So, for example, a user name and password,or a smart card or something, something that gives you a keyto unlock the door to get into a system,whatever that system might be.And then along with that is something called authorization.Authorization means, okay now that you're in,what do you get to do?So, file accesses, time of day, all of these thingskinda come into play.So, what I need you to do starting right nowand for the next number of episodes,I need you to be thinking about security.

Keep in mind the idea of CIA and don't forgetthat also authentication and authorizationcome into play just as well.So get ready and let's get secure.